As Alexander said, the Creating the Server Configuration Items Programmatically link should have the information you need. Note, in particular, the types of the properties. Looking at what you have here, the IssuerEndpoint and SupportedScopes properties are of the wrong type: IssuerEndpoint needs to be an OAuth2.Endpoint object and SupportedScopes is an array of strings so should be set withdo oauth2server.SupportedScopes.SetAt(<scope description>,"ikp-scope")

Hi Michele,

Access tokens are Persistent objects so they are already stored on the server. As an administrator of an Authorization Server, you can view all of the access tokens issued to a given user like any other Persistent object stored on the server. If all you want is, at any given time, to see what access tokens are issued to a given user you can query the OAuth2.Server.AccessToken SQL table for that information.

However, if you are asking if the timing of saving an access token can be changed, you are out of luck. For all grant types other than Implicit (which is being deprecated), the actual access token can't be created until after the user logs in, so there is no way to store or present the access token as part of the login process because the access token does not yet exist at that point.

I hope this helps,